Tutorial 11 Flashcards

1
Q

Black Hat Hackers:

A

Malicious hackers who break into systems to steal, destroy, or exploit
data. Their intent is criminal or harmful, such as stealing credit card numbers or spying on
organizations.

2
Q

Botnets:

A

Networks of infected computers (zombies) controlled remotely by cybercriminals.
Used to send spam, execute DDoS attacks, or distribute malware.

3
Q

Distributed Denial of Service (DDoS) Attack:

A

A cyberattack that floods a server or
network with massive traffic from multiple sources. The goal is to crash or cripple the service,
making it unavailable to legitimate users.

4
Q

Encryption:

A

The process of converting data into a coded form to prevent unauthorized
access. Only someone with the decryption key can read the original data.

5
Q

Firewalls:

A

Software or hardware that filters and blocks unauthorized access to or from a
private network. Acts as a barrier between a trusted internal network and untrusted external
networks.

6
Q

Malware:

A

Short for malicious software (e.g., viruses, worms, trojans). Designed to damage
or disable systems, steal data, or spy on users.

7
Q

Phishing:

A

A type of social engineering where attackers trick users into revealing sensitive
info (e.g. passwords). Often done through fake emails or websites posing as legitimate
entities.

8
Q

Social Engineering:

A

The use of manipulation or deception to trick people into breaking
security procedures. An example would be pretending to be IT support, or using personal
knowledge to gain trust.

9
Q

Spyware:

A

Software that secretly gathers user data without permission. Often bundled with
free downloads or disguised as legitimate software.

10
Q

White Hat Hackers:

A

Ethical hackers who test and identify vulnerabilities in systems to help
improve security. Hired by companies for penetration testing or audits.

11
Q

Motivations for attacks:

A

-Financial theft
-Identity theft
-Revenge
-Espionage
-Cyberwarfare
-Terrorism
-Protest (hacktivism)
-Pranks

12
Q

Criminal ecosystem:

A

Data harvesters sell to fraudsters in a sophisticated market

13
Q

Botnets and DDoS attacks

A

Are common tools used to launch widespread and
disruptive attacks

14
Q

Insider threats

A

And nation-state actors are particularly dangerous

15
Q

Cyberwarfare

A

Is real and increasing

16
Q

Vulnerabilities

A

⇒ exist in every system touchpoint: software, hardware, user behaviour
●Common attack vectors:
-Phishing, social engineering
-Malware, SQL injection, website compromises
-Lost/stolen devices, unpatched software
●Security awareness and basic controls can help significantly

17
Q

Taking Action - For Individuals:

A

Surf smart, stay updated, use antivirus and firewalls, encrypt data, manage
passwords wisely, and back up data

18
Q

Taking Action - For organizations

A

-Use frameworks like ISO 27000 series, PCI DSS, HIPAA, etc.
-Realize that compliance isn’t security
⇒ security requires a culture of continuous vigilance
-Implement access control, firewalls, honeypots, intrusion detection, patch
management, and audits
-Develop recovery and incident response plans
-Engage employees at every level, from the boardroom to interns

19
Q

Factors driving insider risk

A

●Growth in IT complexity and outsourcing
●Use of personal devices and social media
●Motivations: revenge, money, ideology, coercion

20
Q

Managers in the Dark:

A

●Managers are largely ignorant of insider threats

●They view security as somebody else’s job – usually the IT department’s
-Few managers recognize the importance of observing unusual employee
behaviour to obtain advance warning of attack

●Few IT groups are given guidance regarding which information assets are most
critical, what level of risk is acceptable, or how much should be invested to prevent
attacks

21
Q

Common practices that don’t work:

A

-Access controls ⇒ rules that prohibit people from using corporate devices for
personal tasks will not keep them from stealing assets
-Vulnerability management ⇒ security patches and virus checkers will not
prevent or detect access by malevolent authorized employees or third parties
using stolen credentials
-Strong boundary protection ⇒ putting critical assets inside a hardened
perimeter will not prevent theft by those authorized to access the protected
systems
-Password policy ⇒ mandating complex or frequently changed passwords
means that they often end up on post-it notes – easy pickings for someone
with physical access
-Awareness programs ⇒ Simply requiring employees to read the company’s
IT security policy annually will not magically confer cyber awareness on them.
Nor will it prevent staff members from taking harmful actions

22
Q

Recommended Actions:

A
  1. Develop insider policies: Clear, enforced, understood at all levels
  2. Monitor behaviours: Track access, detect anomalies, and perform audits
  3. Screen vendors and hires: Check for red flags in background and behaviour
  4. Promote culture of awareness: Make cybersecurity a shared responsibility like
    safety or quality
  5. Limit access & privileges: Use “least privilege” principle – employees only get
    access to what they need ⇒ regularly audit high-privilege accounts
  6. Use real-time detection tools: Focus on exfiltration detection, not just infiltration
23
Q

How can an employee or vendor be the biggest threat?

A

●Legitimate access: Insiders already have access to systems, unlike external
hackers
●Vendors and contractors may use shared credentials or be loosely monitored
●Unintentional risks: Employees can fall for phishing, lose devices, or use insecure
apps
●Malicious insiders: Disgruntled employees may intentionally sabotage or steal data

24
Q

Motivations behind inside cyber threats:

A

-Financial Gain – Selling sensitive data on the dark web or blackmailing the company
-Revenge – Disgruntled employees wanting to harm the organization
-Recognition or Ego – Showing off technical prowess or power
-Ideology/Activism – Political or ethical motives
-Coercion/Blackmail – Forced to act by external threats
-Loyalty to Others – Assisting someone else, e.g., a family member or third party

25
Q

What is Shadow IT?

A

●Use of unauthorized tools or systems by employees
●Arises from a desire to increase work efficiency but poses cybersecurity risks
●Shadow IT often emerges because official IT solutions are slow, restrictive, or
unhelpful

26
Q

Risk of Shadow IT

A

-Data loss and leakage
-Regulatory violations
-Increased vulnerability to cyberattacks
-Poor data integration and malware spread
-Insider threats: Shadow IT often operates beneath the IT department’s radar

27
Q

Types of Shadow IT Users

A

●GOAs (Goal-Oriented Actors):
-Tech-savvy, aware of cybersecurity
-Use shadow IT intentionally and responsibly
-Often innovative and solution-driven

●Followers:
-Mimic GOAs but lack technical and cybersecurity awareness
-Higher risk due to uninformed behavior

28
Q

10-Point Strategy (key recommendations):

A
  1. Accept that shadow IT can’t be fully eliminated
  2. Assess business risks and evaluate threat vs. benefit
  3. Select and enforce cybersecurity policies carefully
  4. Educate users about risks and policy rationale
  5. Avoid blocking employee productivity
  6. Create a User Experience (UX) team to liaise with users
  7. Use chatbots to scale support and feedback
  8. Reward useful shadow IT innovations
  9. Manage GOAs and Followers differently (support GOAs, guide followers)
  10. Collaborate with GOAs as IT partners and idea contributors
29
Q

MP1 Archetype

A
  • 500 employees
  • Media industry
  • Values and culture: security and innovation

Technical and organizational measures: Strict technical and organizational restrictions. Awareness raised with employment at MP1 and in media industry

Enforcement: Strict, severe and certain sanctions

Communication: Constantly seeking feedback on user needs. Encouragement and promotion of new IT proposals with non-monetary rewards. Explanations of failed/not-implementable requests and required restrictions, discussion of alternative solutions

Responsiveness: Swift, agile, efficient responses to compete with dynamic market requirements

Shadow IT use: Very little

30
Q

GK2

A
  • 35,000 employees
  • Manufacturing industry
  • Values and culture: Entrepreneurship, market orientation, flexibility, hands-on approach

Technical and organizational measures: Technical restrictions that are open for discussion and adaptation

Enforcement: Case-by-case basis. No strict sanctions if shadow IT use is deemed to be in GK2’s interest

Communication: Active encouragement of questioning cybersecurity policies, discussing adjustments, proposing novel IT

Responsiveness: Slow adaptation of cybersecurity policies and introduction of new IT solutions, unless top management has a pressing need

Shadow IT use: Occasional

31
Q

DB3 Archetype

A
  • 400,000 employees
  • Automotive industry
  • Values and culture: Control, rules and compliance, hierarchy, mistrust

Technical and organizational measures: Strict technical and organizational restrictions dictated by IT department. Compliance monitoring and controls

Enforcement: Sanctions inconsistent and mild. Consequences incomprehensible or ridiculous

Communication: Minimal communication and coordination with users and their needs. Lack of service mindset. Technically unskilled and disinterested leaders

Responsiveness: Lengthy and rare implementation of IT projects. Inaccessible, unhelpful IT support

Shadow IT use: Very frequent

32
Q

MF4 Archetype

A
  • 20,000 employees
  • Automation/technical education industry
  • Values and culture: flexibility, trust, security

Technical and organizational measures: Minimal technical restrictions. Regular employee training in cybersecurity and privacy awareness

Enforcement: Trust and responsibility delegated to employees. Severe sanctions expected only for deliberate negligence

Communication: Company suggestion program for novel ideas with financial participation. IT support

Responsiveness: Responsive IT department and support

Shadow IT use: None possible/necessary